Android Apps OnePlus Updates

Backdoor Entry Flaw In OnePlus Devices; OnePlus Says Will Fix The Issue Soon

Some OnePlus devices come with some backdoor entry flaws, and this comes to the front after as user posted about this on a Twitter account. As per the information, those devices are OnePlus 3, 3T and OnePlus 5. While the users try to root their phone, they need to unlock the bootloader which is quite a difficult process. But OnePlus devices come with EngineerMode APK, through which they can easily unlock the bootloader and can root their device which potential root access to third-party apps which can affect the device negatively.

Elliot Alderson Twitted-

“Hey @OnePlus! I don’t think this EngineerMode APK must be in an user build…This app is a system app made by @Qualcomm and customised by @OnePlus. It’s used by the operator in the factory to test the devices.”

Alderson further twitted “If you have an OnePlus device, I’m pretty sure you have this app pre-installed. To check open Settings -> Apps -> Menu -> Show system apps and search EngineerMode in the app list to check,”

After this post, Carl Pei, co-founder of OnePlus informed that the company is now looking in to this matter.

He twitted- “Thanks for the heads up, we’re looking into it,”

However, OnePlus stated that it would not harm the device as it will not give full root access to third-party apps. To install the third party app, the users need to turn on the USB debugging. In OnePlus devices, this mode is turned off by default.

“EngineerMode is a diagnostic tool mainly used for factory production line functionality testing and after-sales support. We’ve seen several statements by community developers that are worried because this apk grants root privileges. While it can enable adb root which provides privileges for adb commands, it will not let 3rd-party apps access full root privileges”, OnePlus said. The company further informed that, in coming OTA update, the company will remove the adb root option from EngineerMode.

 

Source

%d bloggers like this: